Am 04.01.2017 um 23:12 schrieb Al Varnell:
Can somebody with access to those samples run them against a virgin ClamAV
signature database to answer the question? I'd be happy to if there are
samples I can access.
official, virgin signatures don't and probably will never recognize
recent malware and following this list you should know this already
On Wed, Jan 04, 2017 at 07:33 AM, TR Shaw wrote:
I added detection in winnow_extended_malware.hdb which is distributed is the
sanesecurity feed the day after the JAR was released. I also searched for the
RAT and added signatures for that as well in winnow_malware_links.ndb
Signatures are identified as winnow.Trojan.GRIZZLY_STEPPE.<identifier>
Tom
On Jan 4, 2017, at 10:26 AM, Andrew McGrath <and...@checkout51.com> wrote:
I'm being asked a question by our security team that I am struggling
to answer. The question is "Does ClamAV detect Grizzly Steppe?".
I've hunted around the archives, support pages and google, but do not
see any discussion about this, could anyone comment?
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml